I am creating a DRF project and want to implement sending push notifications to devices.
I have configured firebase in Django settings. But after that I faced a problem as I can't send test notification even from admin, I get an error:
enter image description here
I understand that FCM registration token is required, but there is no way I can get it on backend side. Please advise if anyone has come across how is it possible to generate registration token on backend.
You should get the token on front.end side with JS, and also have functions for receiving messages in background/foreground on front.end.
The token can then be saved in your database or on firebase, whichever you prefer.
Related
I made a Authorizing system with SMS which gets number of an application then makes account and with verify code it let user to login. the problem is that when I send data by Retrofit in Kotlin as POST ,it sends no data (None) to server and Django logs show that no data sent for it. I know my Django API is working truly because of that POSTMAN works with it but my Kotlin application doesn't. Here I used APIService "Kotlin Intrface" class like this you see as below:
#FormUrlEncoded
#POST("v1/register/")
suspend fun RegisterRequest(
#Field("mobile") mobile: String
):Response<Reply>
I expected to see in logs that data sends for server but it doesnt work.
Also maybe you say that it needs Header but no ,cuz of I tried to set header for it also its Register and doesn't need token or anything like this and there's no persmission for it in server side.
My team is about to start a new project, they want to use AWS Cognito for handling authentication and authorization. After doing some research, I decided to use Amplify Javascript to build a login page with Angular. (this link: https://aws-amplify.github.io/docs/js/angular)
The Sign in and Sign up page work quite well but my team concern about the idea that my application sends the login information (username, password...) directly to AWS Cognito service. They think that there might be some risk of exposing the response from AWS Cognito to the client, so they recommend me to create a Nodejs server to forward the login request to Cognito and return only the JwtToken back to the client.
Even their idea sound pretty reasonable, the fact that there is no warning on the Amplify website also concerns me.
So here the question, is there any problem with sending the login information directly to Cognito?
I don't see any risk of sending the login request directly to aws Cognito service, by adding a node js server you're increasing the network nodes where the login details to pass which is I believe riskier from design model.
That's the reason why payment processors preferred to have credit card details sent directly.
however one thing I'd recommend is to host the login under iframe which make it immune from external js interference, and upon getting the login response details you can pass it to the nodejs server.
Im using Angular as frontend and Django as backend. When fetching the logged in user, there is a small lag or "flickering" in the username displayed in the top menu due to the Angular having to ask the backend for the user data, after receiving the token and wait for the promise to return the user data.
To authenticate and log in i use django rest framework:
url(r'^token-auth/', obtain_auth_token)
This returns a Token - all works well and Im logged in. But this call doesnt return any user data, so to solve this I created a separate api view that returns the user. A service in Angular is triggered to fetch the user data directly after receiving the token.
But to do that Angular has to call the user view separately and that in turn can lead to "lag" in the way that the users data wont load instantly in the menu upon login (because Angular has to fetch the users data again, after receiving the users token on the first call).
This got me thinking, what is the best way to get the logged in user data after receiving the Token and "beeing logged in"? Is there a better way to do this?
Or if this is the correct way to do it maybe I should just handle the loading of data in the menu in a different way?
I am new to django and am trying to get the user authenticated using firebase admin sdk. I am trying to do token authentication and have setup the admin sdk in my django app. Also I have received the client id token in the android app.
Now I am unable to understand how to send this id to the backend and verify it as a user and create users accordingly.I did find this answer but couldn't really understand how to go about this.
Also if a user is verified how do I add and update its data. Do I pass the token again or is there any other way to do it?
Your Android App should send its ID token along with all requests sent to the backend server. You can decide how to include that (as a header, as part of a JSON payload etc). In the backend server, you should always call auth.verify_id_token() and return an error (e.g. 401 Unauthorized) if the token fails to validate.
I have an AngularJS Single Page Application that uses a Django backend API based on the Django Rest Framework. The API is protected via django-rest-framework-jwt. I would like to use django-allauth for account management and authentication on the server side.
I am just missing one single piece in the flow: How does my Oauth-Token from the client get transferred into a JWT-token? Basically, I would like to do as described here http://blog.wizer.fr/2013/11/angularjs-facebook-with-a-django-rest-api/ based on python-social-auth.
So my question is, how do I implement the ObtainAuthToken class from the link with django-allauth?
There are usually two login flows with social login: client-side ("Javascript SDK") and server-side. If your server needs to be authorised, it's usually a lot easier to go through the server-side flow. And that's also what all-auth does I think (and you didn't mention you use a frontend library like the blogpost you mentioned does).
Now the challenge is to provide the token from the server to the frontend. You would probably load the token in the HTML of the initialisation of the SPA, and then from Angular save the token client side (cookie, localStorage, etc.) so the session isn't lost on a refresh.
If you don't want the user to leave your app, you can open your /accounts/login/ or /accounts/signup/ url in a new window. In that new window they authorise your app, and your server receives the token upon return. There, you will have to generate a JWT token manually, and render that into the template so that javascript can access it. With js in that popup window, you can then communicate with your app that opened the popup and pass it the token – see this SO answer for an example – so it can save it.
Django-allauth provides signals that let you hook into the social login process. In your case, I would recommend subscribing to the allauth.socialaccount.signals.pre_social_login signal. The code will look something like this:
from allauth.socialaccount.signals import pre_social_login
#receiver(pre_social_login)
def create_jwt_token(sender, request, sociallogin, **kwargs):
# dig into the sociallogin object to find the new access token.
We used hello.js for O-Auth at the company I worked at.
You provide a shim on the Python end and get the refresh token and whatever other data needed once the user connects their social account.
We redirect them via Django to the page they attempted to access from their OAuth provider's page.
Each user still has their own email account which is needed for the JWT, but you could assume that whatever email is in the scope of their social account is their email then use django's functionality to create new users: User.objects.create(email=emailStringFromOauthData) etc.